Clean up pg_SSPI_error() coding a little bit: make the messages more

consistent, translate where intended, const-ify declarations.
Resolves a gripe from Alvaro as well as some stuff I didn't like.
This commit is contained in:
Tom Lane 2009-03-22 18:06:35 +00:00
parent 5698f6b925
commit 727ffa1d1e
2 changed files with 20 additions and 12 deletions

View File

@ -8,7 +8,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.178 2009/01/09 10:13:18 mha Exp $ * $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.179 2009/03/22 18:06:35 tgl Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -1084,11 +1084,12 @@ pg_GSS_recvauth(Port *port)
*/ */
#ifdef ENABLE_SSPI #ifdef ENABLE_SSPI
static void static void
pg_SSPI_error(int severity, char *errmsg, SECURITY_STATUS r) pg_SSPI_error(int severity, const char *errmsg, SECURITY_STATUS r)
{ {
char sysmsg[256]; char sysmsg[256];
if (FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, r, 0, sysmsg, sizeof(sysmsg), NULL) == 0) if (FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, r, 0,
sysmsg, sizeof(sysmsg), NULL) == 0)
ereport(severity, ereport(severity,
(errmsg_internal("%s", errmsg), (errmsg_internal("%s", errmsg),
errdetail("SSPI error %x", (unsigned int) r))); errdetail("SSPI error %x", (unsigned int) r)));
@ -1150,8 +1151,7 @@ pg_SSPI_recvauth(Port *port)
&sspicred, &sspicred,
&expiry); &expiry);
if (r != SEC_E_OK) if (r != SEC_E_OK)
pg_SSPI_error(ERROR, pg_SSPI_error(ERROR, _("could not acquire SSPI credentials"), r);
gettext_noop("could not acquire SSPI credentials handle"), r);
/* /*
* Loop through SSPI message exchange. This exchange can consist of * Loop through SSPI message exchange. This exchange can consist of
@ -1240,7 +1240,7 @@ pg_SSPI_recvauth(Port *port)
} }
FreeCredentialsHandle(&sspicred); FreeCredentialsHandle(&sspicred);
pg_SSPI_error(ERROR, pg_SSPI_error(ERROR,
gettext_noop("could not accept SSPI security context"), r); _("could not accept SSPI security context"), r);
} }
if (sspictx == NULL) if (sspictx == NULL)
@ -1296,7 +1296,7 @@ pg_SSPI_recvauth(Port *port)
{ {
FreeLibrary(secur32); FreeLibrary(secur32);
pg_SSPI_error(ERROR, pg_SSPI_error(ERROR,
gettext_noop("could not get security token from context"), r); _("could not get token from SSPI security context"), r);
} }
FreeLibrary(secur32); FreeLibrary(secur32);

View File

@ -7,7 +7,7 @@
* Portions Copyright (c) 1994, Regents of the University of California * Portions Copyright (c) 1994, Regents of the University of California
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.140 2009/01/13 10:43:21 mha Exp $ * $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.141 2009/03/22 18:06:35 tgl Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -472,13 +472,13 @@ pg_GSS_startup(PGconn *conn)
*/ */
static void static void
pg_SSPI_error(PGconn *conn, char *mprefix, SECURITY_STATUS r) pg_SSPI_error(PGconn *conn, const char *mprefix, SECURITY_STATUS r)
{ {
char sysmsg[256]; char sysmsg[256];
if (FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, r, 0, if (FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, r, 0,
sysmsg, sizeof(sysmsg), NULL) == 0) sysmsg, sizeof(sysmsg), NULL) == 0)
printfPQExpBuffer(&conn->errorMessage, "%s: sspi error %x", printfPQExpBuffer(&conn->errorMessage, "%s: SSPI error %x",
mprefix, (unsigned int) r); mprefix, (unsigned int) r);
else else
printfPQExpBuffer(&conn->errorMessage, "%s: %s (%x)", printfPQExpBuffer(&conn->errorMessage, "%s: %s (%x)",
@ -623,10 +623,18 @@ pg_SSPI_startup(PGconn *conn, int use_negotiate)
return STATUS_ERROR; return STATUS_ERROR;
} }
r = AcquireCredentialsHandle(NULL, use_negotiate ? "negotiate" : "kerberos", SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, conn->sspicred, &expire); r = AcquireCredentialsHandle(NULL,
use_negotiate ? "negotiate" : "kerberos",
SECPKG_CRED_OUTBOUND,
NULL,
NULL,
NULL,
NULL,
conn->sspicred,
&expire);
if (r != SEC_E_OK) if (r != SEC_E_OK)
{ {
pg_SSPI_error(conn, "acquire credentials failed", r); pg_SSPI_error(conn, libpq_gettext("could not acquire SSPI credentials"), r);
free(conn->sspicred); free(conn->sspicred);
conn->sspicred = NULL; conn->sspicred = NULL;
return STATUS_ERROR; return STATUS_ERROR;